diff --git a/openvpn-tmpfile.conf b/openvpn-tmpfile.conf
index 9b9cb2d..9416334 100644
--- a/openvpn-tmpfile.conf
+++ b/openvpn-tmpfile.conf
@@ -1 +1 @@
-D /var/run/openvpn 0710 root openvpn -
+D /var/run/openvpn 0750 root root -
diff --git a/openvpn.changes b/openvpn.changes
index 3cbe290..bb80770 100644
--- a/openvpn.changes
+++ b/openvpn.changes
@@ -1,3 +1,15 @@
+-------------------------------------------------------------------
+Tue Apr 23 13:20:48 UTC 2013 - mt@suse.de
+
+- Fixed to enable systemd support in configure
+- Fixed openvpn-tmpfile.conf to use GID root, there is no openvpn group.
+- Added openvpn.target file allowing to handle all instances at once.
+- Fixed to install the service template correctly as openvpn@.service.
+  Use "systemctl enable openvpn@foo.service" to enable instance using
+  /etc/openvpn/foo.conf.
+- Disabled systemd variant of restart on update rpm macro, adopted other
+  macros to use openvpn.target to e.g. stop all instances on uninstall.
+
 -------------------------------------------------------------------
 Tue Mar 26 14:38:48 UTC 2013 - aj@suse.com
 
diff --git a/openvpn.service b/openvpn.service
index 4bda941..71ec1d8 100644
--- a/openvpn.service
+++ b/openvpn.service
@@ -1,14 +1,15 @@
 [Unit]
-Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I
-After=syslog.target network.target
+Description=OpenVPN tunneling daemon instance using /etc/openvpn/%I.conf
+After=network.target
+PartOf=openvpn.target
 
 [Service]
-PrivateTmp=true
 Type=forking
+PrivateTmp=true
 PIDFile=/var/run/openvpn/%i.pid
-ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf
+ExecStart=/usr/sbin/openvpn --daemon --suppress-timestamps --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf
+ExecReload=/sbin/killproc -p /var/run/openvpn/%i.pid -HUP /usr/sbin/openvpn
 
 [Install]
-WantedBy=multi-user.target
-
+WantedBy=multi-user.target openvpn.target
 
diff --git a/openvpn.spec b/openvpn.spec
index 026f7c1..4045ed4 100644
--- a/openvpn.spec
+++ b/openvpn.spec
@@ -43,7 +43,8 @@ Source4:        client-netconfig.up
 Source5:        client-netconfig.down
 Source7:        %{name}.keyring
 Source8:        %{name}.service
-Source9:        %{name}-tmpfile.conf
+Source9:        %{name}.target
+Source10:       %{name}-tmpfile.conf
 Patch1:         %{name}-2.3-plugin-man.dif
 Patch5:         %{name}-2.3.0-man-dot.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -132,14 +133,17 @@ find contrib sample -type f -perm +100 \
 export CFLAGS="$RPM_OPT_FLAGS -W -Wall -fno-strict-aliasing"
 export LDFLAGS
 %configure \
-	--enable-iproute2                   \
-	--enable-x509-alt-username          \
-	--enable-password-save              \
-    --enable-plugins                    \
-    --enable-plugin-down-root           \
-    --enable-plugin-auth-pam            \
-	--with-lzo-headers=%_includedir/lzo \
-    CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS" \
+	--enable-iproute2		\
+	--enable-x509-alt-username	\
+	--enable-password-save		\
+%if %{with_systemd}
+	--enable-systemd		\
+%endif
+	--enable-plugins		\
+	--enable-plugin-down-root	\
+	--enable-plugin-auth-pam	\
+	--with-lzo-headers=%_includedir/lzo	\
+	CFLAGS="$CFLAGS -fPIE $PLUGIN_DEFS"	\
 	LDFLAGS="$LDFLAGS -pie -lpam -rdynamic -Wl,-rpath,%{_libdir}/%{name}/plugin/lib"
 make
 
@@ -150,7 +154,8 @@ mkdir -p $RPM_BUILD_ROOT/%{_sysconfdir}/openvpn
 mkdir -p $RPM_BUILD_ROOT/%{_localstatedir}/run/openvpn
 mkdir -p $RPM_BUILD_ROOT/%{_datadir}/openvpn
 %if %{with_systemd}
-install -D -m 644 $RPM_SOURCE_DIR/%{name}.service %{buildroot}/%{_unitdir}/%{name}.service
+install -D -m 644 $RPM_SOURCE_DIR/%{name}.service %{buildroot}/%{_unitdir}/%{name}@.service
+install -D -m 644 $RPM_SOURCE_DIR/%{name}.target %{buildroot}/%{_unitdir}/%{name}.target
 # tmpfiles.d
 mkdir -p %{buildroot}%{_libexecdir}/tmpfiles.d
 install -m 0644 $RPM_SOURCE_DIR/%{name}-tmpfile.conf %{buildroot}%{_libexecdir}/tmpfiles.d/%{name}.conf
@@ -170,22 +175,23 @@ install -m 755 $RPM_SOURCE_DIR/client-netconfig.down sample/sample-scripts/clien
 rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name}
 
 %post
+%__mkdir_p -m750 %{_localstatedir}/run/openvpn
 %if %{with_systemd}
-%service_add_post %{name}.service
+%service_add_post %{name}.target
 %else
 %{?fillup_and_insserv:%fillup_and_insserv}
 %endif
 
 %preun
 %if %{with_systemd}
-%service_del_preun %{name}.service
+%service_del_preun %{name}.target
 %else
 %{?stop_on_removal:%stop_on_removal openvpn}
 %endif
 
 %postun
 %if %{with_systemd}
-%service_del_postun %{name}.service
+/bin/systemctl --system daemon-reload &>/dev/null || :
 %else
 %{?insserv_cleanup:%insserv_cleanup}
 %endif
@@ -203,7 +209,8 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name}
 %doc %{_mandir}/man8/openvpn.8.gz
 %config(noreplace) %{_sysconfdir}/openvpn/
 %if %{with_systemd}
-%{_unitdir}/%{name}.service
+%{_unitdir}/%{name}@.service
+%{_unitdir}/%{name}.target
 %{_libexecdir}/tmpfiles.d/%{name}.conf
 %else
 %config %{_sysconfdir}/init.d/openvpn
@@ -211,7 +218,7 @@ rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/{OpenVPN,%name}
 %{_sbindir}/rcopenvpn
 %endif
 %{_sbindir}/openvpn
-%attr(0755,root,root) %dir %ghost %{_localstatedir}/run/openvpn
+%attr(0750,root,root) %dir %ghost %{_localstatedir}/run/openvpn
 %{_includedir}/%{name}-plugin.h
 
 %files down-root-plugin
diff --git a/openvpn.target b/openvpn.target
new file mode 100644
index 0000000..632256d
--- /dev/null
+++ b/openvpn.target
@@ -0,0 +1,3 @@
+[Unit]
+Description=OpenVPN target allowing to start/stop all openvpn@.service instances at once
+